HOMEPAGE = "git://gitnub.com/kubeedge/kubeedge;branch=master;protocol=https"
SUMMARY = "Production-Grade Container Scheduling and Management"
DESCRIPTION = "KubeEdge is built upon Kubernetes and extends native containerized \
application orchestration and device management to hosts at the Edge. \
"

PV = "1.8.0"

SRC_URI = " \
    file://v1.8.0.tar.gz;subdir=git/src/github.com/kubeedge/kubeedge;striplevel=1 \
"

SRC_URI:append = " \
    file://0001-rpminstaller-add-support-for-openEuler.patch \
    file://1000-add-riscv64-support.patch \
    file://openeuler-embedded-support-only.patch \
    file://edgecore.oee.yaml \
    file://cloudcore.example.yaml \
    file://edgecore.service \
    file://cloudcore.service \
    file://isulad-cloud-daemon.json \
    file://isulad-edge-daemon.json \
    file://kube-flannel-cloud.yml \
    file://kube-flannel-edge.yml \
    file://br_netfilter.service \
"

# NOTICE: 
# UPX will compress the binary with a shell, 
# which means the compressed binary will bypass some security checks. 
# Therefore, please ensure the build artifact is trustworthy before enabling turnon_upx
turnon_upx ?= "false"

DEPENDS += "rsync-native \
            coreutils-native \
            go-native \
            ${@bb.utils.contains('turnon_upx', 'true', 'upx-native', '', d)} \
           "

LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://LICENSE;md5=86d3f3a95c324c9479bd8986968f4327"

GO_IMPORT = "import"
S = "${WORKDIR}/git/src/github.com/kubeedge/kubeedge"


inherit systemd
inherit go
inherit goarch

do_compile() {
    export GOPATH="${S}/src/import/.gopath:${S}/src/import/vendor:${STAGING_DIR_TARGET}/${prefix}/local/go:${WORKDIR}/git/"
    cd ${S}

	# Build the target binaries
    export GOARCH="${TARGET_GOARCH}"
    # Pass the needed cflags/ldflags so that cgo can find the needed headers files and libraries
    export CGO_ENABLED="1"
    export CGO_CFLAGS="${CFLAGS} --sysroot=${STAGING_DIR_TARGET}"
    export CGO_LDFLAGS="${LDFLAGS} --sysroot=${STAGING_DIR_TARGET}"
    export CFLAGS=""
    export LDFLAGS=""
    export CC="${CC}"
    export LD="${LD}"
    export GOBIN=""
    export OEE_YOCTO_VERSION="v${PV}-oee+yocto"
    export GOLDFLAGS=" -s -w -buildid=none -buildmode=pie -extldflags ' -zrelro -ftrapv -znow -static' -linkmode=external"
    make all CGO_CFLAGS="${CGO_CFLAGS}" GO=${GO}
    ${GO} build -v -o _output/local/bin/csidriver  github.com/kubeedge/kubeedge/cloud/cmd/csidriver
    
}

export TARBALL_NAME = "${BPN}-v${PV}-linux-${TARGET_GOARCH}"
# the NIC interface for flanneld in the edge node
edge_iface = "- --enp0s1"
config_dir = "${sysconfdir}/kubeedge/config"
tools_dir = "${sysconfdir}/kubeedge/tools"
do_install() {

    # When ${turnon_upx} is enabled (set to "true"):
    # 1. Compresses keadm/edgecore/cloudcore binaries using UPX ultra-level packing
    #    - Reduces binary size by ~50-70% for storage/network constrained edge devices
    #    - May add startup overhead due to runtime decompression
    # 2. Artifact verification:
    #    - Generates SHA256 checksums of original binaries before compression
    #    - Stores checksums in ${tools_dir} for integrity verification
    if [[ "${turnon_upx}" = "true" ]]; then
        mkdir -p ${S}/_output/checksums
        for bname in keadm edgecore cloudcore; 
        do
            bbplain "upx ${bname}..."
            target="${S}/_output/local/bin/${bname}"
            if ! upx -t "${target}" > /dev/null 2>&1; then
                upx -9 "${S}/_output/local/bin/${bname}"
            fi
            sha256sum "${S}/_output/local/bin/${bname}" > "${S}/_output/checksums/${bname}_checksums.txt"
        done
        # TODO: the compressed csidriver has not been tested yet
        # upx -9 _output/local/bin/csidriver,
    fi

    # create directories
    install -d ${D}${bindir}
    install -d ${D}${sysconfdir}
    install -d ${D}${systemd_system_unitdir}
    install -d ${D}${prefix}/lib/systemd/system
    install -d ${D}${sysconfdir}/kubeedge
    install -d ${D}${config_dir}
    install -d ${D}${tools_dir}

    # install binaries
    install -m 755 -D ${S}/_output/local/bin/keadm ${D}/${bindir}
    install -m 755 -D ${S}/_output/local/bin/cloudcore ${D}/${bindir}
    install -m 755 -D ${S}/_output/local/bin/edgecore ${D}/${bindir}
    install -m 755 -D ${S}/_output/local/bin/admission ${D}/${bindir}
    install -m 755 -D ${S}/_output/local/bin/csidriver ${D}/${bindir}


    # default configs (generated by --defaultconfig) for both cloudcore and edgecore
    install -Dpm0640 ${WORKDIR}/cloudcore.example.yaml ${D}${tools_dir}/cloudcore.example.yaml
    install -Dpm0640 ${WORKDIR}/edgecore.oee.yaml ${D}${tools_dir}/edgecore.oee.yaml
    install -Dpm0640 ${WORKDIR}/isulad-cloud-daemon.json ${D}${tools_dir}/isulad-cloud-daemon.json
    install -Dpm0640 ${WORKDIR}/isulad-edge-daemon.json ${D}${tools_dir}/isulad-edge-daemon.json

    # add checksums of the original uncompressed executables
    if [[ "${turnon_upx}" = "true" ]] && [[ -d "${S}/_output/checksums" ]]; then
        bbplain "Installing checksum files of upx-packed binaries"
        install -Dpm 0444 -D ${S}/_output/checksums/*  ${D}/${tools_dir}
    fi

    # service file for systemd
    install -m 0644 ${WORKDIR}/br_netfilter.service ${D}${prefix}/lib/systemd/system/
    install -m 0644 ${WORKDIR}/cloudcore.service ${D}${systemd_system_unitdir}/
    install -m 0644 ${WORKDIR}/edgecore.service ${D}${systemd_system_unitdir}/
    
    install -m 0644 ${WORKDIR}/cloudcore.service ${D}${sysconfdir}/kubeedge/
    install -m 0644 ${WORKDIR}/edgecore.service ${D}${sysconfdir}/kubeedge/

    # install flannel yaml
    sed -i 's/@IFACE@/${edge_iface}/g' ${WORKDIR}/kube-flannel-edge.yml
    install -Dm 0644 ${WORKDIR}/kube-flannel-cloud.yml ${D}${tools_dir}/kube-flannel-cloud.yml
    install -Dm 0644 ${WORKDIR}/kube-flannel-edge.yml ${D}${tools_dir}/kube-flannel-edge.yml

    # crd yamls for kubernetes
    install -Dm 0644 ${S}/build/crds/devices/devices_v1alpha1_devicemodel.yaml ${D}${sysconfdir}/kubeedge/crds/devices/devices_v1alpha1_devicemodel.yaml
    install -Dm 0644 ${S}/build/crds/devices/devices_v1alpha2_devicemodel.yaml ${D}${sysconfdir}/kubeedge/crds/devices/devices_v1alpha2_devicemodel.yaml
    install -Dm 0644 ${S}/build/crds/devices/devices_v1alpha1_device.yaml ${D}${sysconfdir}/kubeedge/crds/devices/devices_v1alpha1_device.yaml
    install -Dm 0644 ${S}/build/crds/devices/devices_v1alpha2_device.yaml ${D}${sysconfdir}/kubeedge/crds/devices/devices_v1alpha2_device.yaml
    install -Dm 0644 ${S}/build/crds/reliablesyncs/objectsync_v1alpha1.yaml ${D}${sysconfdir}/kubeedge/crds/reliablesyncs/objectsync_v1alpha1.yaml
    install -Dm 0644 ${S}/build/crds/reliablesyncs/cluster_objectsync_v1alpha1.yaml ${D}${sysconfdir}/kubeedge/crds/reliablesyncs/cluster_objectsync_v1alpha1.yaml
    install -Dm 0644 ${S}/build/crds/router/router_v1_ruleEndpoint.yaml ${D}${sysconfdir}/kubeedge/crds/router/router_v1_ruleEndpoint.yaml
    install -Dm 0644 ${S}/build/crds/router/router_v1_rule.yaml ${D}${sysconfdir}/kubeedge/crds/router/router_v1_rule.yaml

    # tool for certificate generation
    install -Dpm0550 ${S}/build/tools/certgen.sh ${D}${tools_dir}/certgen.sh

    # construct tarball used for keadm
    install -d ${D}/${TARBALL_NAME}
    install -Dpm0550 ${S}/_output/local/bin/cloudcore ${D}/${TARBALL_NAME}/cloud/cloudcore/cloudcore
    install -Dpm0550 ${S}/_output/local/bin/admission ${D}/${TARBALL_NAME}/cloud/admission/admission
    install -Dpm0550 ${S}/_output/local/bin/csidriver ${D}/${TARBALL_NAME}/cloud/csidriver/csidriver
    install -Dpm0550 ${S}/_output/local/bin/edgecore ${D}/${TARBALL_NAME}/edge/edgecore

    cp -r ${D}${sysconfdir}/kubeedge/crds/ ${D}/${TARBALL_NAME}
    echo "v${PV}" > ${D}/${TARBALL_NAME}/version
    pushd ${D}
    tar zcf ${TARBALL_NAME}.tar.gz ${TARBALL_NAME}/
    sha512sum ${TARBALL_NAME}.tar.gz | awk '{print $1}' > checksum_${TARBALL_NAME}.tar.gz.txt
    install -Dpm0550 ${TARBALL_NAME}.tar.gz ${D}${sysconfdir}/kubeedge/${TARBALL_NAME}.tar.gz
    install -Dpm0550 checksum_${TARBALL_NAME}.tar.gz.txt ${D}${sysconfdir}/kubeedge/checksum_${TARBALL_NAME}.tar.gz.txt
    popd
}

PACKAGES =+ "keadm cloudcore edgecore  keadmtarball"
ALLOW_EMPTY:${PN} = "1"
RDEPENDS:${PN} += " \
        keadm \
        cloudcore \
        edgecore \
"

RDEPENDS:edgecore += "mosquitto"

FILES:keadm = " \
        ${bindir}/keadm \
        ${sysconfdir}/kubeedge/cloudcore.service \
        ${sysconfdir}/kubeedge/edgecore.service \
        ${sysconfdir}/kubeedge/${TARBALL_NAME}.tar.gz \
        ${sysconfdir}/kubeedge/checksum_${TARBALL_NAME}.tar.gz.txt \
        ${prefix}/lib/systemd/system/br_netfilter.service \
        ${tools_dir}/keadm_checksums.txt \
"

FILES:cloudcore = " \
        ${bindir}/cloudcore \
        ${bindir}/admission \
        ${bindir}/csidriver \
        ${systemd_system_unitdir}/cloudcore.service \
        ${sysconfdir}/kubeedge/crds \
        ${tools_dir}/certgen.sh \
        ${tools_dir}/isulad-cloud-daemon.yaml \
        ${tools_dir}/cloudcore.example.yaml \
        ${tools_dir}/kube-flannel-cloud.yml \
        ${@bb.utils.contains('turnon_upx', 'true', '${tools_dir}/cloud_checksums.txt', '', d)} \
"

FILES:edgecore = " \
        ${bindir}/edgecore \
        ${systemd_system_unitdir}/edgecore.service \
        ${tools_dir}/edgecore.oee.yaml \
        ${tools_dir}/isulad-edge-daemon.yaml \
        ${tools_dir}/kube-flannel-edge.yml \
        ${@bb.utils.contains('turnon_upx', 'true', '${tools_dir}/edge_checksums.txt', '', d)} \
"


FILES:keadmtarball = "/${TARBALL_NAME}.tar.gz /checksum_${TARBALL_NAME}.tar.gz.txt /${TARBALL_NAME} "

# If board config use =y instead ko, remove it from bbappend.
RDEPENDS:edgecore += " \
        kernel-module-llc \
        kernel-module-stp \
        kernel-module-bridge \
        kernel-module-br-netfilter \
        kernel-module-libcrc32c \
        kernel-module-nf-conntrack \
        kernel-module-nf-conntrack-netlink \
        kernel-module-nfnetlink \
        kernel-module-nf-nat \
        kernel-module-vxlan \
        kernel-module-veth \
        kernel-module-nf-defrag-ipv4 \
        kernel-module-nf-defrag-ipv6 \
        kernel-module-nft-chain-nat \
        kernel-module-nft-compat \
        kernel-module-nft-counter \
        kernel-module-xt-addrtype \
        kernel-module-xt-comment \
        kernel-module-xt-conntrack \
        kernel-module-xt-mark \
        kernel-module-xt-masquerade \
        kernel-module-xt-multiport \
        kernel-module-xt-nat \
        kernel-module-xt-tcpudp \
        kernel-module-xt-connmark \
        kernel-module-xt-statistic \
        kernel-module-xt-physdev \
        kernel-module-xt-nflog \
        kernel-module-xt-limit \
"

# sync Kubernetes kernel RRECOMMENDS
RRECOMMENDS:${PN} = "\
        kernel-module-xt-addrtype \
        kernel-module-xt-nat \
        kernel-module-xt-multiport \
        kernel-module-xt-conntrack \
        kernel-module-xt-comment \
        kernel-module-xt-mark \
        kernel-module-xt-connmark \
        kernel-module-vxlan \
        kernel-module-xt-masquerade \
        kernel-module-xt-statistic \
        kernel-module-xt-physdev \
        kernel-module-xt-nflog \
        kernel-module-xt-limit \
        kernel-module-nfnetlink-log \
"

deltask compile_ptest_base
INHIBIT_PACKAGE_STRIP = "1"
INSANE_SKIP:${PN} += "ldflags already-stripped"
